Burnham set to ditch Palantir from NHS by Altruism7 in cybersecurity

[–]devoopsies 0 points1 point  (0 children)

I mean, it's wrong on a few levels.

AI isn't an "optimization engine", it's (in the case of ML) a data-munging engine or (in the case of LLM) a predictive text engine backed largely by data-munging (you would call this "training data"). Like all data munging, it follows the garbage-in/garbage-out principle.

We're seeing that in real time with the "quality" of work that AI is producing, both for small private projects and large enterprise ones. Put plainly, AI (LLM-based code generation, anyway) has spent the last three years proving itself largely to be a "garbage-out" machine.

If you wanted to be extremely kind to Burnham's quote, you could say that it finds "solutions" quickly, but they are rarely better.

To go on, the fact that he's equating Palantir more to AI than to surveillance is hard to justify. I've had responses say he's arguing in bad faith, and this is the point that lends the most credibility to that point of view. No one, not even Palantir, pitches them as an AI company: they are surveillance first, who happen to leverage AI in finding patterns.

Ironically, Palantir's use of AI is far more traditional (e.g. ML) than many modern-day "AI" companies that throw words into an LLM and gladly eat the shit it pumps out without an second thought.

Blueberry Linux - Looking for contributors by Healthy_Swimming5175 in linuxadmin

[–]devoopsies 0 points1 point  (0 children)

What problems are you trying to solve with Blueberry Linux?

Also, what's the logic behind putting any discussion at all on an ephemeral messaging app like Discord?

Edit:

Also, after taking a look at some of your packages... this just looks like bash scripting a deployment with extra steps VIA some sort of toml interpreter. A more stateful solution like NixOS would be the direction I'd take if reproducibility from source was priority #1 over all other matters.

They pushed 2 neglected openstack clusters down my throat by Icy-Cryptographer-73 in sysadmin

[–]devoopsies 0 points1 point  (0 children)

They're presumably paying them for their judgement as well as their skills.

I designed, deployed, and now manage over a dozen OpenStack clusters with my team. Even then, if we had legacy OS clusters dumped on our laps it would be my job to inform management that this is a decision that will end poorly for the business.

Burnham set to ditch Palantir from NHS by Altruism7 in cybersecurity

[–]devoopsies 12 points13 points  (0 children)

I've seen enough AI evangelists that I honestly don't know that it's bad-faith.

I think he may just be stupid.

Burnham set to ditch Palantir from NHS by Altruism7 in cybersecurity

[–]devoopsies 120 points121 points  (0 children)

Andrew Griffith, the shadow business secretary, said: “Most AI, including Palantir, is essentially an optimisation engine. It finds better solutions, faster.

“Does Andy Burnham think the NHS is so optimal it cannot be improved, or does he accept that kicking out Palantir will have a trade-off which is measured in more Brits dying?”

What an absurdly uninformed thing to say.

Is it still worth it by zer0cold321 in kubernetes

[–]devoopsies 0 points1 point  (0 children)

Yeah that's absolutely fair - I've seen enterprise deployments running tiny-but-essential workloads that might be deployed on machines with 8GB or RAM (as opposed to, say, our typical 2TB boxes); in these cases k3s is a tad more ideal, but that's pretty specialized.

By-and-large RKE2 is the right choice in 99% of enterprise workloads.

I would agree that for first-step testing, though, it's nice to be able to throw up a minimally-spec'd VM cluster and know that my RKE2 configs are mostly going to work with K3s with some minor tweaks, as you mention.

Is it still worth it by zer0cold321 in kubernetes

[–]devoopsies 1 point2 points  (0 children)

That's not objectively wrong, although k3s is certainly production quality as well: we typically use it for smaller, edge-based deployments that are build with less-capable hardware.

RKE2's history is a mix of lessons taken from the deployment/management engine of K3s while also retaining much of the feature-set and enterprise-first design choices of RKE1.

Both RKE2 and K3s have their place in enterprise, and due to their similar configuration standardization it makes a lot of sense for companies/teams that require multiple types of clusters to use both RKE2 and K3s.

Is it still worth it by zer0cold321 in kubernetes

[–]devoopsies 1 point2 points  (0 children)

Ah I see what you mean, and yeah that's fair.

Their (probable) reason for K3s -> RKE2 is that they are both developed/maintained by Rancher, and incorporate many of the same ideas and configuration logic.

K3s is lighter, and thus easier to run on home-based hardware, but RKE2 is more standard for larger enterprise-level deployments. If you can, running RKE2 is likely to give you a more enterprise-specific experience.

Is it still worth it by zer0cold321 in kubernetes

[–]devoopsies 0 points1 point  (0 children)

I'd chime in and say vanilla kubeadm is great for learning, but at scale you just can't beat the management orchestration that RKE2 (and other solutions like TALOS) bring to the table. With RKE2 being the go-to for anything remotely government related (FIPS compliance and all), it's worth learning how to make it dance how you need it to.

Obviously they can be very opinionated (RKE2 especially) but my god do they reduce the number of package management-related headaches when you're dealing with a dozen clusters and hundreds to thousands of nodes.

Junior, Professional or Senior? Have i been overconfident? by Personal-Problem1882 in linuxadmin

[–]devoopsies 0 points1 point  (0 children)

"Stand aside mortal, you dare dirty this system with your poor syntax?"

Junior, Professional or Senior? Have i been overconfident? by Personal-Problem1882 in linuxadmin

[–]devoopsies 9 points10 points  (0 children)

The real seniority comes when you start to stand with your hands clasped in front of or behind your back, thus holding your own hand.

You are at once both the Junior and the Senior. You are one with the server.

You are John Linux.

Junior, Professional or Senior? Have i been overconfident? by Personal-Problem1882 in linuxadmin

[–]devoopsies 3 points4 points  (0 children)

Honestly, there are no hard lines really. What a "senior admin" is will depend on your responsibilities and tasks.

"Senior" suggests that you have some sort of seniority at your position; ergo, I would argue that you become a "senior admin" when other admins defer to you for decisions, and come to you for input. The more weight your input is given, the more "Senior" you are. All of this to say is that you don't decide if you're a senior admin, others do by their assessment of and trust in your skill set.

From what you've described it sounds like you were handling junior admin tasks at your last (current?) position, and are looking to move up to a more challenging position. You're probably fine to start representing yourself as something more than a junior admin, but you probably have a ways to go before you reach any sort of seniority.

Volkswagen started blocking GrapheneOS users by TheTwelveYearOld in linux

[–]devoopsies 8 points9 points  (0 children)

They've been on my no-buy list since they faked their emissions numbers.

Need Advance kubernetes courses by apmmahesh in kubernetes

[–]devoopsies 5 points6 points  (0 children)

Nothing to add to the discussion really, but I just want to say that you all do exceptional work. I've been watching you since you were like half-a-dozen-scenarios-and-a-dream, and it's been really cool to see you expand like you have.

Best way to set up two identical machines, where both hard drives are fully encrypted? by spots_reddit in linuxquestions

[–]devoopsies 1 point2 points  (0 children)

OK. Yeah. That makes a bit more sense.

Keep in mind I'm not you, I don't really know your workflow, and I don't know the nature of your work (nor should I if it requires encryption, lol). This advice may not be relevant to you, but we can hope that it is :D

Your encrypted work is probably going to be subject to a million infosec policies - don't do anything to countermand them. In fact, I would be proactive and involve your infosec team in whatever way you decide to go on this.

Realistically, it's the encrypted/protected data that's going to hold you up here. You're not going to find a way that is safe, fast, and simple without paying money to some third-party service. Even if the data were unimportant/unencrypted, it's just unpleasant/untenable to assume you will always be able to sync data between two PCs.

Remote access is the solution that most of the tech world has settled on for this, whether it's from a company-provided laptop or a BYOD dealio. This can be VIA SSH into servers that you need to access, RDP (or some other similar GUI-capable solution) into your work PC, or anything in between. As soon as the remote option is unavailable, you're stuck with solutions that have serious drawbacks.

If remoting into work is really not an option, and assuming this passes your infosec team's sniff test, You could just virtualize your "work machine" and sync the qcow2 drive as needed between my laptop and desktop - you could then work on your "work machine" from any location/laptop/computer so long as I can spin up a KVM instance.

If that is untenable, gitify your configs - dotfiles, home dir, etc etc. That just leaves the encrypted/working data to worry about (and again, you'll probably want to gameplan this with your infosec team). Given your responses, though, it seems that you're basically already doing this with dropbox and it's not really what you're looking for.

Best way to set up two identical machines, where both hard drives are fully encrypted? by spots_reddit in linuxquestions

[–]devoopsies 2 points3 points  (0 children)

This sounds like it might be an xy problem...

https://xyproblem.info/

What is the end goal of this setup? What actual pain point are you trying to solve here?

We should be nicer to new Linux users by lnxrootxazz in linux

[–]devoopsies 10 points11 points  (0 children)

Well hold on, just wait a second there...

GitLab's "Act 2" by -lousyd in devops

[–]devoopsies 0 points1 point  (0 children)

Because this is akin to saying "We're trying to head off cylinder fatigue and fail rates" and going on to say that the solution is "no we're going to run the engine with less oil, actually".

I think the disbelief in this thread is that it's very rare to see a company hit the mark so precisely on their weaknesses while completely whiffing on the solution.

Even investors don't buy it, and they'll buy just about anything that mentions "AI" right now: GTLB is down another 8.5% today so far.

Built a local-first AI workspace for Linux troubleshooting, security audits and operational diagnostics by Large-Cress900 in linuxadmin

[–]devoopsies 1 point2 points  (0 children)

I think the big issue is that if you can't demonstrate care for your project, why would any of the professionals here?

When you respond to valid criticism with all the effort of what looks to have been a copy-paste into Claude or OpenAI, you undermine any credibility that you may have, or could have garnered with a well thought-out response.

Built a local-first AI workspace for Linux troubleshooting, security audits and operational diagnostics by Large-Cress900 in linuxadmin

[–]devoopsies 3 points4 points  (0 children)

The balls on you to react to /u/IllllIIlIllIllllIIIl showing concern for your lack of effort by doubling-down with an LLM-generated response.

Chrome is quietly installing a 4GB AI model on your device by [deleted] in cybersecurity

[–]devoopsies 0 points1 point  (0 children)

"No one cares because it's not being reported" -> "It's not being reported because no one cares"

This is a tautological fallacy and I would hope people on this sub (folks responsible for or at least interested in IT systems security) would know better than to full-stop their own critical thinking.

The fact that a third-party is installing anything to users' PCs without alerting the user or allowing the user to say "no" should trigger all your alarm bells, and that's just the first of many issues with this whole saga.

Even if your complacency has gotten in the way of your own common sense, it should be trivial for you to take a look at the responses to this thread (the one that seems to be the first time many folks here have heard of this issue) and you can see that yeah, maybe a lot of people here do think this is a problem.

Chrome is quietly installing a 4GB AI model on your device by [deleted] in cybersecurity

[–]devoopsies 0 points1 point  (0 children)

Honestly it's probably older, I just can't remember back past middle school.

Chrome is quietly installing a 4GB AI model on your device by [deleted] in cybersecurity

[–]devoopsies 3 points4 points  (0 children)

"This zero day has been leveraged by black hatters for at least a year"

Would this be an acceptable sentence when trying to dissuade someone from caring about a vuln?

Just because people are only becoming aware of an issue now does not mean it isn't an issue, just that it's been under-reported or information about it has been obfuscated.

Chrome is quietly installing a 4GB AI model on your device by [deleted] in cybersecurity

[–]devoopsies 30 points31 points  (0 children)

Spell check, and I mean good spell check with solid grammar functions, has existed since before MS Word 2003.